Vulnerabilities > Synel
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-03 | CVE-2023-37220 | Download of Code Without Integrity Check vulnerability in Synel products Synel Terminals - CWE-494: Download of Code Without Integrity Check | 9.8 |
| 2023-07-30 | CVE-2023-32227 | Use of Hard-coded Credentials vulnerability in Synel Synergy/A Firmware Synel SYnergy Fingerprint Terminals - CWE-798: Use of Hard-coded Credentials | 9.8 |
| 2023-07-30 | CVE-2023-37213 | OS Command Injection vulnerability in Synel Synergy/A Firmware Synel SYnergy Fingerprint Terminals - CWE-78: 'OS Command Injection' | 9.8 |
| 2022-01-28 | CVE-2022-22790 | Path Traversal vulnerability in Synel Eharmony 8.0.2.3 SYNEL - eharmony Directory Traversal. | 5.0 |
| 2022-01-28 | CVE-2022-22791 | Cross-site Scripting vulnerability in Synel Eharmony 8.0.2.3 SYNEL - eharmony Authenticated Blind & Stored XSS. | 3.5 |
| 2021-12-08 | CVE-2021-36718 | Improper Authentication vulnerability in Synel Eharmonynew and Synel Reports SYNEL - eharmonynew / Synel Reports - The attacker can log in to the system with default credentials and export a report of eharmony system with sensetive data (Employee name, Employee ID number, Working hours etc') The vulnerabilety has been addressed and fixed on version 11. | 6.5 |
| 2012-07-09 | CVE-2012-2970 | Resource Management Errors vulnerability in Synel Sy-780/A Time & Attendance Terminal The Synel SY-780/A Time & Attendance terminal allows remote attackers to cause a denial of service (device hang) via network traffic to port (1) 1641, (2) 3734, or (3) 3735. | 7.8 |